This macOS malware can avoid AI analysis with gaslighting prompts hidden inside its architecture
Date:
Fri, 26 Jun 2026 13:00:00 +0000
Description:
A new piece of malware tries to trick AI-assisted analysis into showing errors.
FULL STORY ======================================================================Copy link Facebook X Whatsapp Reddit Pinterest Flipboard Threads Email Share this article 0 Join the conversation Follow us Add us as a preferred source on Google Newsletter Subscribe to our newsletter SentinelOne uncovered macOS malware Gaslight that uses prompt injection to mislead AIassisted triage
tools during analysis Beyond standard backdoor and infostealer capabilities, it embeds fake Markdown system messages to trick LLMs into halting investigation Researchers warn defenders to treat malware samples as adversarial input and isolate AI pipelines, as more analysttargeting prompt injection is expected Weve seen prompt injection in websites and emails, but what about - malware samples? Security researchers SentinelOne recently published an in-depth report on a newly uncovered piece of macOS malware called Gaslight that, as the name suggests, tries to gaslight AI-assisted triage agents into stopping the analysis.
The malware itself is nothing out of the ordinary: it infects the device by whatever means necessary (usually phishing and social engineering), connects to attacker-controlled infrastructure via Telegram, and then executes different commands such as profiling the device, running arbitrary shell commands, stealing files, or terminating processes. It also delivers a stage-two malware that acts as an infostealer, pulling passwords, sensitive PDFs, cryptocurrency wallet information, and more. Latest Videos From Watch full video here: Weaponizing LLM-assisted triage pipelines But where Gaslight stands out is its defenses against AI-powered malware analysis . According to SentinelOne, the malware contains a large block of fake Markdown-formatted "system" messages designed for AI assistants that security researchers may
use during reverse engineering. These messages claim things like the AI's authentication token has expired, the analysis environment is running out of memory, disk space has been exhausted, static analysis is unsafe, and
similar.
While a human analyst would definitely recognize these fake messages even at
a glance, an LLM that isnt properly isolated from untrusted input could interpret them as genuine system instructions and refuse to further analyze the malware. You may like Inside the relentless rise of the macOS AMOS infostealer Another worrying macOS malware scheme has been discovered here's how to stay safe Experts warn Claude feature hijacked by hackers to launch major malware campaign
macOS.Gaslight is noteworthy for its analyst-targeting prompt injection, an attempt to weaponize the LLM-assisted triage pipelines that increasingly sit in the reverse-engineering loop, SentinelOne explains. Anyone building such tooling should treat the contents of the samples they triage as adversarial input, never as instructions, and be prepared to keep hostile content out of the model entirely. As LLM-assisted analysis becomes routine, defenders
should expect more samples built to exploit it.
The researchers have published a full list of indicators of compromise on
this link . Are you a pro? Subscribe to our newsletter Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed! Contact me with news and offers from other Future brands Receive email from us on behalf of our trusted partners
or sponsors By submitting your information you agree to the Terms &
Conditions and Privacy Policy and are aged 16 or over.
Via The Hacker News The best antivirus for all budgets Our top picks, based on real-world testing and comparisons
Read our full guide to the best antivirus 1. Best overall: Bitdefender Total Security 2. Best for families: Norton 360 with LifeLock 3. Best for mobile: McAfee Mobile Security Follow TechRadar on Google News and add us as a preferred source to get our expert news, reviews, and opinion in your feeds.
======================================================================
Link to news story:
https://www.techradar.com/pro/security/this-macos-malware-can-avoid-ai-analysi s-with-gaslighting-prompts-hidden-inside-its-architecture
--- Mystic BBS v1.12 A49 (Linux/64)
* Origin: tqwNet Technology News (1337:1/100)